package br.net.woodstock.tickettoride.jee6.web.security;

import javax.inject.Named;
import javax.interceptor.InvocationContext;

import br.net.woodstock.rockframework.web.faces.security.RoleValidator;
import br.net.woodstock.tickettoride.web.jsf.security.common.JSFConstants;
import br.net.woodstock.tickettoride.web.jsf.security.common.JSFSecurityUtils;

@Named("localRoleValidator")
public class LocalRoleValidator implements RoleValidator {

	private static final long	serialVersionUID	= -7000189822054433113L;

	@Override
	public boolean isValid(final InvocationContext context, final String[] roles) {
		for (String role : roles) {
			if (JSFSecurityUtils.isUserInRole(role)) {
				return true;
			}
		}
		return false;
	}

	@Override
	public Object onInvalid(final InvocationContext context) {
		return JSFConstants.NO_ACCESS_PAGE;
	}

}
